Metasploit Mailing List

Development discussion for Metasploit, the premier open source remote exploitation tool


Latest Posts

Re: Deploying meterpreter / some other payload to NAT'ed devices egypt (Jul 28)
The recently-added reverse_hop_http[1] stager, thanks to scriptjunkie,
might give you a means of achieving 3a. If the server is not running PHP,
at least it will give you a starting point. Implementing the proxy in
multiple languages for scenarios like this would be useful.

[1]:
https://github.com/rapid7/metasploit-framework/blob/master/lib/msf/core/handler/reverse_hop_http.rb

Deploying meterpreter / some other payload to NAT'ed devices Pedro Ribeiro (Jul 28)
Hi,

I'm building a metasploit module that abuses a vulnerability in a server
that deploys software packages to clients
The idea is to:
1) gain administrative access to the server
2) use the admin access to deploy a payload to the clients
3a) get the clients to connect back using the server as a proxy (they might
be NAT'ed or otherwise inaccessible from the attacking machine)
OR
3b) deploy some kind of payload that allows me to control...

Ruxcon 2014 Final Call For Presentations cfp (Jul 15)
Ruxcon 2014 Call For Presentations
Melbourne, Australia, October 11th-12th
CQ Function Centre

http://www.ruxcon.org.au

The Ruxcon team is pleased to announce the Final Call For Presentations for Ruxcon 2014.

This year the conference will take place over the weekend of the 11th and 12th of October at the CQ Function Centre,
Melbourne, Australia.

The deadline for submissions is the 15th of September, 2014.

.[x]. About Ruxcon .[x].

Ruxcon is...

Updating a file referenced by exploit module NeonFlash (Jul 14)
Hi,

I want to modify one of the files referenced by an existing exploit module.

For instance, let's say in the exploit module we have the code:

    File.open(File.join( Msf::Config.data_directory, "exploits", "cve-2013-xxx", "sample.zip" ), "rb") { |f| @xyz = f.read }

it will read the file, sample.zip from the path: /opt/metasploit-framework/data/exploits/cve-2013-xxx/sample.zip and
store it...

Re: [metasploit-hackers] Mac OS X Meterpreter Anwar Mohamed (Jun 30)
I have opened a new #PR
https://github.com/rapid7/metasploit-framework/pull/3482, I hope to get
your feedback as soon as possible.

Thanks in advance

Re: Auto targeting with multi platform payloads Pedro Ribeiro (Jun 29)
Hi Rob,

I ended up doing your second suggestion, after auto selecting a Linux
target I use payload_info to check if the payload contains the "Windows"
string and bail out with an error message if so.

The check targeting is not a good idea in my case. This is because to get a
100% correct target I have to perform a minor injection (the module
exploits a sql injection). I haven't seen this written anywhere but I would
think that...

Re: [metasploit-hackers] Mac OS X Meterpreter Rob Fuller (Jun 29)
Looks like it's really coming along, awesome work! Any chance you can
shoot some build notes or quick how-to on the best way to get started
testing it and giving you feedback?

Re: Auto targeting with multi platform payloads Rob Fuller (Jun 29)
You could write your auto-targeting into the "check" function thus giving
the user the chance to select their target and the proper payload. Most of
the other "auto" target exploits stay with the same target OS and just
switch offsets based on versions of the OS that matter to the exploitation
piece.

What I would suggest is to do a check in the module code to exit if the
target system and payload don't match up and...

Re: [metasploit-hackers] Mac OS X Meterpreter Anwar Mohamed (Jun 28)
Okay, now I think I have compiled it successfully, now I am going to
recompile the core_loadlib


Screenshot - 06282014 - 03:38:59 PM.png
<https://docs.google.com/file/d/0B4NOc6lPmQRCLUQwajRyZGtLVEE/edit?usp=drive_web>

Re: [metasploit-hackers] Mac OS X Meterpreter Tod Beardsley (Jun 28)
Sweet, thanks Anwar!

Mac OS X Meterpreter Anwar Mohamed (Jun 27)
Hello guys,
Since I have tried to work for iOS meterpreter, I decided to work firstly
on the OSX meterpreter since it would be a recompile thing to work for ios
too.

I published some of my draft work and I need your help building, debugging
and testing it. It's just a recompile of posix meterpreter but I needed to
revise a lot of the source code and write new Makefiles

You can get my draft from here...

Re: Auto targeting with multi platform payloads Pedro Ribeiro (Jun 25)
able to identify its Linux and Windows targets. I'm using a global variable
to store the chosen target. With that I set the arch and platform
correctly, and then invoke generate_payload_exe with those parameters.

generated payload defaults to the windows meterpreter.

up choosing. I have tried to set the "target" variable, but it seems to
have local function scope only. Meaning if I set it in one function, it
resets to automatic...

Auto targeting with multi platform payloads Pedro Ribeiro (Jun 24)
Hi,

I'm building a multi platform exploit which has auto targeting and is able
to identify its Linux and Windows targets. I'm using a global variable to
store the chosen target. With that I set the arch and platform correctly,
and then invoke generate_payload_exe with those parameters.

However when my auto targeting function identifies a Linux target, the
generated payload defaults to the windows meterpreter.

I have a feeling that I...

Re: Noob questions Ben Campbell (Jun 20)
ARCH_X86 will work on x64 if delivered as an EXE.

If it's injected into an x86_64 process it will fail.

Generally exploits are per vulnerability rather than per product. If the new module exploits a different vulnerability
you keep the existing one. If the exploitation is the same class and has similar code you could add a different target
to point to the different vector maybe?

From: framework [mailto:framework-bounces () spool metasploit...

Re: Noob questions Pedro Ribeiro (Jun 18)
OK I'm sorry for spamming you, but I have yet another "etiquette"
question...

Is it wrong to delete an obsolete module contributed by someone else?
Let's say I found a vulnerability for a product that already has an exploit
in metasploit. The underlying vulnerability is different but of the same
type (file upload) and covers all the versions that the previous module
covered plus all the ones released after that.

Would it...
